1 /* 2 * Licensed to the Apache Software Foundation (ASF) under one or more 3 * contributor license agreements. See the NOTICE file distributed with 4 * this work for additional information regarding copyright ownership. 5 * The ASF licenses this file to You under the Apache License, Version 2.0 6 * (the "License"); you may not use this file except in compliance with 7 * the License. You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 package org.conscrypt; 18 19 import java.io.File; 20 import java.io.FileInputStream; 21 import java.io.FileNotFoundException; 22 import java.io.IOException; 23 import java.security.InvalidAlgorithmParameterException; 24 import java.security.KeyStore; 25 import java.security.KeyStoreException; 26 import java.security.NoSuchAlgorithmException; 27 import java.security.UnrecoverableKeyException; 28 import java.security.cert.CertificateException; 29 import javax.net.ssl.KeyManager; 30 import javax.net.ssl.KeyManagerFactorySpi; 31 import javax.net.ssl.ManagerFactoryParameters; 32 import org.conscrypt.util.EmptyArray; 33 34 /** 35 * KeyManagerFactory implementation. 36 * @see KeyManagerFactorySpi 37 */ 38 public class KeyManagerFactoryImpl extends KeyManagerFactorySpi { 39 40 // source of key material 41 private KeyStore keyStore; 42 43 //password 44 private char[] pwd; 45 46 /** 47 * @see KeyManagerFactorySpi#engineInit(KeyStore ks, char[] password) 48 */ 49 @Override engineInit(KeyStore ks, char[] password)50 protected void engineInit(KeyStore ks, char[] password) 51 throws KeyStoreException, NoSuchAlgorithmException, 52 UnrecoverableKeyException { 53 if (ks != null) { 54 keyStore = ks; 55 if (password != null) { 56 pwd = password.clone(); 57 } else { 58 pwd = EmptyArray.CHAR; 59 } 60 } else { 61 keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); 62 String keyStoreName = System.getProperty("javax.net.ssl.keyStore"); 63 String keyStorePwd = null; 64 if (keyStoreName == null || keyStoreName.equalsIgnoreCase("NONE") || keyStoreName.isEmpty()) { 65 try { 66 keyStore.load(null, null); 67 } catch (IOException e) { 68 throw new KeyStoreException(e); 69 } catch (CertificateException e) { 70 throw new KeyStoreException(e); 71 } 72 } else { 73 keyStorePwd = System.getProperty("javax.net.ssl.keyStorePassword"); 74 if (keyStorePwd == null) { 75 pwd = EmptyArray.CHAR; 76 } else { 77 pwd = keyStorePwd.toCharArray(); 78 } 79 try { 80 keyStore.load(new FileInputStream(new File(keyStoreName)), pwd); 81 } catch (FileNotFoundException e) { 82 throw new KeyStoreException(e); 83 } catch (IOException e) { 84 throw new KeyStoreException(e); 85 } catch (CertificateException e) { 86 throw new KeyStoreException(e); 87 } 88 } 89 90 } 91 92 } 93 94 /** 95 * @see KeyManagerFactorySpi#engineInit(ManagerFactoryParameters spec) 96 */ 97 @Override engineInit(ManagerFactoryParameters spec)98 protected void engineInit(ManagerFactoryParameters spec) 99 throws InvalidAlgorithmParameterException { 100 throw new InvalidAlgorithmParameterException( 101 "ManagerFactoryParameters not supported"); 102 103 } 104 105 /** 106 * @see KeyManagerFactorySpi#engineGetKeyManagers() 107 */ 108 @Override engineGetKeyManagers()109 protected KeyManager[] engineGetKeyManagers() { 110 if (keyStore == null) { 111 throw new IllegalStateException("KeyManagerFactory is not initialized"); 112 } 113 return new KeyManager[] { new KeyManagerImpl(keyStore, pwd) }; 114 } 115 116 } 117